Journal 1 – After reviewing the NICE framework, I found that I’m in the field that is right for me. The prompt asks for the areas that would appeal the most and the least, and every sector appeals to me, but there is one that appeals the least. For my top area, oversight and governance is my choice because I enjoy taking a leadership role. Being responsible for the operations my company takes in regards to the security is something I would truly take pride in. For my least appealing area, I would have to pick design and development, and it is solely because of the fact that I don’t know how to code yet. I have also heard about the burnout experience by developers and that doesn’t sound like someething I’m interested in dealing with.

Journal 2 – The principles of science relate to cybersecurity by providing a framework of understanding to the social science aspect. Relativism relates to cyber through the cause-and-effect nature of cybersecurity and the interconnectedness between the people, systems, and society. Objectivity relates because we must base our actions as cyber professionals only on fact and not hearsay. Parsimony relates to the many different human components of a business not understanding the technical terminology a STEM professional would understand; therefore, simplicity is a must for communication. Empiricism paves the way for objectivity in a way because we are only to base our knowledge on things we can actually see in the cyber field. Ethical neutrality is huge because everybody deserves the same security regardless of biases. Determinism is also a huge part of cybersecurity because we study the past threats to know what people are capable of and to understand the patterns of attackers to better protect. Lastly, skepticism is important because it tests the ideas we have about security as a whole to ensure the best methods are being used.

Journal 3 – There is plenty of information about data breaches on the internet for the public and researchers to view. The availability of this information is huge for researchers specifically because it gives them the opportunity to gain an understanding of the most common threats. Depending on what they’re doing the research for, this can help a company know how to better protect themselves against these breaches and mitigate losses. Also, the researchers can use the information to publish articles for the public in a more digestible and widespread way to help people protect themselves. Overall, the public data breach information is a great source for researchers and the public alike.

Journal 4 – Maslow’s hierarchy of needs has 5 levels: Physiological, safety, love and belonging, esteem, and self-actualization. For my example of experience with technology, I choose to speak about my PlayStation gaming console. To be completely honest, the game isn’t a physiological need for me, but I could see how the use of a game for people who play professionally need it for financial reasons. In terms of safety, gaming provides a sense of stress relief that benefits my mental health when using it in moderation. The fact that I normally play the game with my friends and oftentimes use it to stay in close contact with them, it fits my love and belonging need as well. Winning is one of my favorite parts of playing video games and it satisfies my esteem needs when winning any kind of competitive game. For self-actualization, any kind of game mastery would fulfill this need. Also, building a game that can be played by many using the gaming console is another form of self-actualization.

Journal 5 – In my opinion, the motives are ranked as 1 through 7 as follows: money, recognition, multiple reasons, revenge, political, entertainment, and boredom. I ranked money first because that is what most people do things for because we need money to survive, and most data is valued at a price somewhere. Then recognition because there are entire groups who do infamous hacks just for the notoriety and remembrance. Multiple reasons: third, because money and recognition are a common pair of motives for hackers who have been caught. Revenge is fourth, but I also felt like it could replace politics for fifth because revenge and political hacking often come with negative feelings for whoever the target was, but people get revenge less often than they get money or do something for the attention. Entertainment is sixth because some hackers just do it for the love of the game and the thrill of knowing their work genuinely had the effect they were going for. Lastly, I put boredom at seventh because there are so many other things we could choose to do when we’re bored and a select group of individuals will think of hacking something when boredom strikes.

Journal 6 –

1. Tiffanycoshop[.]com – This is a fraudulent website impersonating the reknowned Tiffany jewelry company. The URL is a little bit sketchy because a company wouldn’t put shop at the end of their url, especially if they’re a well-known brand.
2. Sheingivesback[.]com – This website is acting as a part of the online fashion store, giving vouchers to customers just for answering a few questions. I can tell it’s a phishing website because no company is giving that much money to anyone for doing a survey. Also, any website asking for information usually is going to sell it to someone anyway.
3. BedBathClose[.]com – Acting as a Bed Bath and Beyond page after their bankruptcy and claiming to sell items for a ridiculous discount. Also, the site itself isn’t well-made either, and for a company as big as that one, that makes it untrustworthy as well.

Source: https://www.expressvpn.com/blog/list-of-scam-shopping-websites/?srsltid=AfmBOoqlSIp1dkCrzHpDBcsBoRE0iVX281uZRG1Jmp2imTlQgGYriw1j

Journal 7 –

The first image says, “Corporate told us to use 12 characters for the password… ‘Rainbows’ is easier to remember, though sooo.” 

The second image says, ” Let me shoulder-surf my way to those credentials bro.” 

The third image says, “Linda, this is a phishing email; please stop falling for them!”

Journal 8 – I really enjoyed watching this video because, as somebody who is certified in the field of cybersecurity, I often challenge the reality of hacking scenes myself and watching someone with even more expertise break down why some of them are exaggerated was entertaining. The media definitely influences the public understanding of cybersecurity by using a lot of more visually appealing methods of doing more complex and boring things a real hacker would do. For example, the first clip had a lot of 3-D movement on their graphical interface, when we seldomly see any 3-D visuals when doing cybersecurity work. More often than not, we only work within shells like command prompt and powershell when doing anything. Lastly, the reason the media does this is to keep people engaged who may not understand the technical jargon and what is going on if everything is hyper-realistic.

Journal 10 – My response to the article reviewing the concept of social cybersecurity and how integral it is to national security. Social cybersecurity is a topic I know from a different class; it means changes in cyber and its security affect people and their security. I do agree that this is an important concept to be spoken about when it comes to our nation’s security because, combined with modern technology’s ability to influence people’s beliefs, there is another topic called information warfare. The authors are absolutely right in being concerned about the potential implications and the fact that the military should surely be considering what this means for the future of our nation’s security.

Journal 11 – The video spoke about a few social themes that are reflective of themes that need to be present in the cybersecurity workplace and community. One of them was effective communication and that relates to cybersecurity in the conversation of making sure things are easily understandable for all groups that make up a business. Another is collaboration and that ties in with the previous one of communication; all parts of a business, including the cybersecurity professionals, need to communicate and work together well. Essentially the interdisciplinary and interpersonal themes we’re learning in class are definitely more important in cybersecurity now than ever.

Journal 12 – In the sample breach notification letter, a company used a third-party platform provider that suffered a breach of information due to malware. Because of this malware being on the provider’s systems, many clients had their private information, such as name, address, and credit/debit cards as well. One economic theory that relates to this incident is the rational-choice theory. My guess is that the company in question made the choice to pay for whatever breach occurred if it happened instead of paying for the proper protection beforehand. Another would be the Marxian economic theory, but in a different perspective than just money. In this situation, the hackers had the power and preyed on a small business they knew wouldn’t have robust security measures to make money. A psychological theory would be the neutralization theory, more specifically denial of injury. Because nobody was physically harmed during the breach, the hackers may have had this neutralization thought process. The next would be the reinforcement sensitivity theory because they had a goal in mind; in this case, it was the information they would most likely be extracting to sell for financial gain.

Journal 13 – The article examined how effective bug bounty programs are by using data from the HackerOne platform. They also looked at the information to find out how different incentives influence participation and overall performance. I think these policies are positive for businesses because it is an approach that gives hackers a way to positively utilize their skills while helping the business find issues within their cybersecurity. One thing I did see in the findings is how important the money incentive is for these individuals to participate in bug bounties, which could lead to leveraging their skills for more and more monetary rewards in the future. If I could suggest one thing, it would be to try and find a balance between monetary and non-monetary rewards to avoid my previous prediction of money being the only motive for hackers to help businesses.

Journal 14 – The author went over eleven of the most common illegal activities that happen on the internet and how to protect yourself against them. My top 5 most illegal would be faking your identity, collecting information about children, illegal searches, using other people’s networks, and bullying. I chose these because the harm they could bring to other individuals is higher than some of the other offenses. For example, there is little to no individual harm from somebody watching a sports game through a streaming website, as opposed to somebody getting bullied, which could ultimately lead to something as drastic as a loss of life.

Journal 15 – Davin Teo’s pathway was interesting to me when I watched the video. He started off doing accounting but pivoted to digital forensics. He also related what he does to the social sciences by showing how digital forensics intersects with psychology, sociology, and criminology. We learn about using social sciences to understand human behaviors and patterns of these behaviors in people. This relates to his job by understanding how criminals think and their motives behind their actions. I feel as though this TED Talk shows how important interdisciplinary knowledge is even when it comes to technically heavy jobs because people are involved in every job there is.